Information Security, IoT and Cloud Computing

Tag Archives: infosec

While Ransomware may be the talk of the town these days, many other profound changes are happening in the industry that impact job of information security professionals. Keeping in view these change, I felt a need for updating CISO MindMap. … Continue reading →

ROSI or Return On Security Investment is simply a way to calculate if a security control is worth implementation or not. For a control to be financially viable, the reduction of risk has to be greater than the cost of … Continue reading →

Like this:

How do you align yourself with the business you are supporting? What value are you creating? These are the questions that every CISO should be thinking on regular basis. In a typical organization, the CEO has a list of business … Continue reading →

Like this:

Please note that this is an older post An updated MindMap available here. It took some time to update the CISO MindMap but finally it is here. Thanks to all who provided suggestions for this update. A very rapid change … Continue reading →

Like this:

There are almost as many information security reports out there as the number of security vendors. Keeping up to date about these reports could be a challenge and sometimes these reports may become an information overload for security professionals. Verizon … Continue reading →

Like this:

SWOT (Strengths, Weaknesses, Opportunities, Threats) analysis is an industry standard way of analyzing current situation (marketing, business strategy, risk assessment, etc). In many cases, SWOT analysis provides foundation for creating business strategy. Following is a short description of how we … Continue reading →

The role of CISO, and other InfoSec professionals, has morphed into a critical business function. One should expect getting involved in “business” discussion often, and at higher levels. Understanding and speaking business language is more important than ever for success … Continue reading →

Like this:

IDC (and other analysts) predict information security, threat intelligence, data analytics, hunting, among others, are expected to grow and become more important part of a CISO’s strategy in 2015 and beyond. If one has money and backing of a large organization, … Continue reading →